Secure information handling system matrix bar code

ABSTRACT

An information handling system analyzes secondary information captured with an image of a two-dimensional barcode to perform a function. For example, a mobile phone camera captures an image of a QR code at a product plus characters printed next to the QR code, uses optical code recognition to determine the characters, and applies information from the QR code and the characters to register the product. As another example, a security indicator is captured with an image of the QR code and applied to access information of the QR code, such as by using GPS position information, local network information, or telephone number information to encrypt and/or decrypt information stored in the QR code.

CROSS REFERENCE TO RELATED APPLICATIONS

U.S. patent application Ser. No. 13/655,149, entitled “SecondaryInformation For An Information Handling System Matrix Bar CodeFunction,” inventors Kevin D. Terwilliger, Orin M. Ozias, and Scott C.Lauffer, filed on same day herewith, describes exemplary methods andsystems and is incorporated by reference in its entirety.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates in general to the field of informationhandling system bar codes, and more particularly to a secure informationhandling system matrix bar code.

2. Description of the Related Art

As the value and use of information continues to increase, individualsand businesses seek additional ways to process and store information.One option available to users is information handling systems. Aninformation handling system generally processes, compiles, stores,and/or communicates information or data for business, personal, or otherpurposes thereby allowing users to take advantage of the value of theinformation. Because technology and information handling needs andrequirements vary between different users or applications, informationhandling systems may also vary regarding what information is handled,how the information is handled, how much information is processed,stored, or communicated, and how quickly and efficiently the informationmay be processed, stored, or communicated. The variations in informationhandling systems allow for information handling systems to be general orconfigured for a specific user or specific use such as financialtransaction processing, airline reservations, enterprise data storage,or global communications. In addition, information handling systems mayinclude a variety of hardware and software components that may beconfigured to process, store, and communicate information and mayinclude one or more computer systems, data storage systems, andnetworking systems.

Information handling systems have over time included more powerfulprocessing components that cooperate to process and store information.This trend has allowed manufacturers to build information handlingsystems from smaller and more powerful components into smaller and morecompact housings. Today, mobile telephones perform many functionshistorically performed by desktop and laptop information handlingsystems, such as providing web browsing and e-mail functions. A typical“smartphone” is essentially a small tablet information handling systemin a housing sized to hold as a handset during a telephone call. Oneside of the tablet housing exposes a touchscreen display that presentsinformation and accepts inputs made with the aid of graphical userinterfaces. The housing typically has an integrated camera to allow anend user to take pictures and store the pictures in memory integrated inthe housing, such as flash memory of a solid state drive (SSD). Toperform web browsing or e-mail functions, the end user activates anappropriate application through the touchscreen and interacts with theapplication through the touchscreen. Although the small size ofsmartphone information handling systems provides convenient andeasy-to-use consumption of information for end users, the small size ofthe touchscreen can make typed inputs by an end user slow and difficult.For example, in order to input a web address at a web browser, an enduser typically manipulates a keyboard at a touchscreen, which takestime, concentration and usually involves a number of minor mistakes.

One shortcut for inputting a web address to a smartphone informationhandling system is provided by the use of Quick Response (QR) codes. AQR code is a type of matrix barcode, also known as a two-dimensionalcode, that stores information with black modules arranged in a squarepattern on a white background. A QR code is detected as atwo-dimensional image by a camera that is then digitally analyzed todecode information stored by the black modules. Typically, a processorlocates three distinctive fiducial squares at the corners of the imageand a smaller square near the fourth corner to normalize the image forsize, orientation and angle of viewing so that modules can be convertedto binary numbers and validity checked with an error-correcting code. Ifthe information stored by a QR code provides a web address, then asmartphone end user can open a browser to the web address embedded inthe QR code by taking a picture of the QR code with a camera of thesmartphone and then analyzing the picture with an application running ona processor of the smartphone. QR code reader applications are typicallyavailable at no charge for download and use on most smartphones.

Advertisers have taken advantage of QR codes to enrich advertisingcontent that an end user finds of interest. For example, anadvertisement includes a QR code that embeds a web address withadditional advertisement content. If an end user finds the advertisementof interest, the end user takes a picture of the QR code with asmartphone and allows the smartphone browser to automatically presentinformation from the web address, which is decoded by a QR code readerapplication running on the smartphone. In addition to the web address,the QR code can include identification information that indicates wherethe QR code was captured by an end user. For example, a URL encoded inthe QR code includes information associated with a location.

One disadvantage of ready access to QR code information is thatvirtually anyone with a smartphone can take an image of and decodevirtually any QR code. In some instances, a QR code may include productrelated information or a confidential nature that is only intended foruse by a particular end user, such as a purchaser of a product. Forexample, a storage device sold at a store might include a QR code withinformation that aids an end user in setting up the storage device; ifan individual with malicious intent takes an image of the QR code beforepurchase of the storage device by an end user, then information gleamedfrom the storage device might further malicious intentions of theindividual, such as attempts to hack the storage device. Similarsecurity concerns exists where other types of confidential informationis stored in and then communicated by a QR code.

Another difficulty with embedding information in a QR code is thatprinting individual QR codes for specific information can be anexpensive and complex process. For example, printing a series of QRcodes with each having a different serial string of informationtypically uses specialized printing and management software to monitorthe use of each QR code. Once the QR codes are printed, care is requiredto ensure that each QR code ends up on a desired product or at a desiredlocation. If the information embedded in a QR code is encrypted,monitoring the information provided by each QR code has increaseddifficulty in that an encrypted QR code is more difficult to test onceit is attached to a product since the tester must have access to the keyfor decrypting the QR code.

SUMMARY OF THE INVENTION

Therefore a need has arisen for a system and method which supportssecure information handling system matrix bar codes, such as QR codes.

In accordance with the present invention, a system and method areprovided which substantially reduce the disadvantages and problemsassociated with previous methods and systems for using matrix bar codesin a secure manner. Secondary information captured with a QR code isapplied to aid in performance of a function with the QR code, such asconfiguration of a product having the QR code attached to it or to itspackaging. The secondary information is available to restrict access toinformation in the QR code from unauthorized individuals.

More specifically, an information handling system captures an image of aQR code, such as with an integrated camera, and also captures secondaryinformation to support performance of a function, such as configurationor registration of a product. Secondary information includes informationcaptured with the image of the QR code and/or information available atthe information handling system that captures the image, such as GPSlocation, local area network information, a telephone number, or otherdistinguishing information. In one embodiment, the information handlingsystem applies the secondary information and QR code information toperform a function, such as configuration of the product. In analternative embodiment, the information handling system applies thesecondary information to access restricted information associated withthe QR code, such as by decrypting the QR code or providing an input toa network location having an address provided by the QR code.

The present invention provides a number of important technicaladvantages. One example of an important technical advantage is that oneQR code supports multiple products and users by incorporating secondaryinformation with QR code information to perform a function, such asconfiguration of the products. The QR code provides the location or typeof secondary information, such as the location of a serial number or theuse of information proximate to the characters MAC, so that one commonand inexpensive printing of the QR code will work in multiple products.This decreases the cost and complexity associated with use of QR codesto perform functions. Another example of an advantage is that QR codesthat are publicly accessible have their content restricted from accessby unauthorized individuals. For example, an application uses secondaryinformation to restrict access to at least part of a QR code so thatunauthorized individuals will have greater difficulty using a QR codefor malicious purposes. For instance, using a GPS location of anexpected delivery to decrypt the QR code or access a network location ofa network address of a QR code discourages unauthorized individuals fromattempting to use the QR code for malicious purposes.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention may be better understood, and its numerousobjects, features and advantages made apparent to those skilled in theart by referencing the accompanying drawings. The use of the samereference number throughout the several figures designates a like orsimilar element.

FIG. 1 depicts a mobile telephone information handling system capturinga two-dimensional barcode and secondary information to perform afunction;

FIG. 2 depicts a flow diagram of one example process for capturing atwo-dimensional barcode and secondary information to perform a function;

FIG. 3 depicts a flow diagram of another example process for capturing atwo-dimensional barcode and secondary information to perform a function;

FIG. 4 depicts a mobile telephone capturing a two-dimensional barcodeand a security indicator to access secure information stored in thetwo-dimensional barcode;

FIG. 5 depicts a flow diagram of a process for securing information in avisible two-dimensional barcode for use by authorized users; and

FIG. 6 depicts a flow diagram of a process for delivery of a producthaving a two-dimensional barcode with information stored in a mannerrestricted to authorized users.

DETAILED DESCRIPTION

Information captured by an information handling system at the capture ofa two-dimensional barcode is analyzed together with the two-dimensionalbarcode to provide a function supported by the information handlingsystem. For purposes of this disclosure, an information handling systemmay include any instrumentality or aggregate of instrumentalitiesoperable to compute, classify, process, transmit, receive, retrieve,originate, switch, store, display, manifest, detect, record, reproduce,handle, or utilize any form of information, intelligence, or data forbusiness, scientific, control, or other purposes. For example, aninformation handling system may be a personal computer, a networkstorage device, or any other suitable device and may vary in size,shape, performance, functionality, and price. The information handlingsystem may include random access memory (RAM), one or more processingresources such as a central processing unit (CPU) or hardware orsoftware control logic, ROM, and/or other types of nonvolatile memory.Additional components of the information handling system may include oneor more disk drives, one or more network ports for communicating withexternal devices as well as various input and output (I/O) devices, suchas a keyboard, a mouse, and a video display. The information handlingsystem may also include one or more buses operable to transmitcommunications between the various hardware components.

Referring now to FIG. 1, a mobile telephone information handling system10 is depicted capturing a two-dimensional barcode 12 and secondaryinformation to perform a function. Although FIG. 1 depicts a mobiletelephone information handling system 10, in alternative embodimentsother types of information handling systems may be used, such as tabletor laptop information handling systems of various sizes andcapabilities. Mobile telephone information handling system 10 isconfigured essentially as a small tablet information handling systemhaving a housing 14 sized to act as a telephone handset. Two-dimensionalbar code 12 is depicted as a QR code, however, in alternativeembodiments other types of matrix barcodes may be used to provideinformation for capture by an information handling system, such as withanalysis of an image captured by a camera 16. In the example embodiment,mobile telephone information handling system 10 has a processor 18 thatexecutes instructions stored in a memory 20. For example, a web browserapplication 22 and e-mail application 24 execute on processor 18 tointerface with a network 26 through a wireless network interface card(WNIC) 28, such as a wireless local area network (WLAN) or wireless widearea network (WWAN) interfaced with the Internet.

Camera 16 of mobile telephone information handling system 10 captures animage of QR code 12 and stores the image in memory 20 for analysis by aQR code analyzer 30. QR code analyzer 30 analyzes the image to extractembedded information stored in QR code 12, such as a network address URLor e-mail address. QR code analyzer 30 applies the barcode informationretrieved from QR code 12 to perform a function, such as opening a webpage for the network address URL with web browser 22 or sending ane-mail to the e-mail engine with e-mail engine 24. Alternative types oftwo-dimensional barcodes may perform alternative functions withalternative types of barcode information stored in two-dimensionalbarcode 12, as is known in the art. The present disclosure is notlimited to the use of just QR codes for just the functions of webbrowsing and e-mail. The present disclosure provides for the use ofsecondary information and security indicators to enhance the usefulnessof two-dimensional barcode reading by information handling systems suchas mobile telephone information handling system 10.

In the example embodiment, QR code 12 is affixed to a product 32, suchas with a sticker glued to a wireless access point (WAP). Outside of theboundary 34 of QR code 12, product 32 has a variety of other types ofinformation that is secondary to the information of QR code 12 andcaptured in an image taken by camera 16 of QR code 12. For example,product 32 has a MAC address 36, serial number 38 and security key 40printed on one or more stickers below QR code 12. Off to one side of QRcode 12, a phone number 42 to call for service and a service number 44to uniquely identify the product are printed on another sticker. Thesecondary information of MAC address 36, serial number 38, key 40, phonenumber 42 and service number 44 are printed as characters and in someinstances may include a one-dimensional barcode next to the characters.

An end user captures an image of product 32 in order to perform afunction associated with product 32 using barcode information of QR code12. For example, in the instance where product 32 is a WAP, QR code 12includes a network address for a network location that assists inconfiguration of the WAP for use in a network of the end user. In analternative example, product 32 may be an information handling systempre-loaded with software having a license key printed next to QR code12, which stores a network address for registration of the software. Theimage captured by the end user includes the secondary information withincamera view. QR code analyzer 30 analyzes the image capture of the QRcode to extract the barcode information, such as the configuration orregistration network addresses of the example embodiments. In additionto extracting the network address, QR code analyzer 30 extracts barcodeinformation that indicates the type or location of secondary informationfor use in performing the function, such as the configuration orregistration functions of the example embodiments. For instance, barcodeinformation indicates the location of MAC address 36 for use inconfiguration of a WAP or key 40 for use in registration of software.

Once QR code analyzer 30 extracts barcode information from QR code 12that indicates the location of secondary information, a secondaryinformation analyzer 46 analyzes the image by applying the barcodeinformation to extract the secondary information. For instance, ifproduct 32 is a WAP and barcode information indicates the location ofMAC address 36 immediately below QR code 12, then secondary informationanalyzer 46 extracts the MAC address information from that location.Once the configuration network address and MAC address are extractedfrom the image, QR code analyzer 30 provides the network address to webbrowser 22 and inserts the MAC address into a field of web page calledup by the web address to initiate configuration of the WAP. Similarly,in the example where product 32 is an information handling system havingpreloaded software, QR code analyzer 30 provides the registrationnetwork address to web browser 22 and inserts key 40 into a field of theweb page called up by the web address to initiate registration of thesoftware. In the example embodiment, secondary information analyzer 46is an optical character recognition (OCR) analyzer that creates adigital representation of characters presented at product 32. In analternative embodiment, secondary information analyzer 46 is aone-dimensional barcode reader that reads a one-dimensional barcode todetermine the secondary information. In alternative embodiments,alternative types of recognition techniques may be used, such asrecognition of a shape of a product or a logo depicted on a product toidentify the product.

In one embodiment, secondary information analyzer 46 determinessecondary information without first obtaining a location or type of thesecondary information from the barcode information. For example,secondary information analyzer 46 may identify the MAC address bylocating the characters “MAC address” and analyzing characters nearbythat match the type used for a MAC address. In one embodiment, secondaryinformation analyzer 46 is located at a network address provided by QRcode 12 and web browser 22 sends a copy of the image captured by camera16 to allow analysis of the secondary information at the website. In analternative embodiment, web browser 22 contacts the network addressprovided by barcode information extracted from QR code 12 to downloadsecondary information analyzer 46 as an application that can thenexecute to determine the secondary information with a locationprogrammed in the application. Alternatively, web browser 22 contactsthe network address provided by barcode information extracted from QRcode 12 to download a location or type (e.g., MAC address) of thesecondary information so that secondary information analyzer 46 candetermine the secondary information.

One advantage of using barcode information and secondary information toperform a function associated with product 32 is that one QR code 12 maybe mass produced and put on plural products 32, yet an individualizedfunction is made available from the common QR code. Using a common QRcode provides reduced expense and complexity by avoiding the need forserial printing of individualized QR codes for each product 32. Forexample, the network address for a product 32 stored in a QR code 12affixed to the product with a label will by itself provide a web addressto a QR code analyzer 30 that opens a web page in a browser 22 for theproduct 32. However, if a secondary information analyzer 46 analyzes animage of QR code 12 to determine a serial number 38 for the individualproduct 32, then appending the serial number 38 to the web addressextracted from QR code 12 results in web browser 22 retrieving a webpage specific to the individual product 32. Similar applications ofbarcode and secondary information might apply in other situations, suchas where a two-dimensional barcode advertisement is placed on a storewindow for a mobile telephone to capture along with secondaryinformation that identifies the store location. In such an example, thesecondary information might include text near a QR code, an image of aproduct, a façade of the store or GPS information from the mobiletelephone. By including the secondary information with barcodeinformation, a web browser of the mobile telephone is able to retrieve aweb page for the product with the barcode information at the storelocation indicated by the secondary information using a QR code that iscommon to plural stores.

One disadvantage of using barcode information and secondary informationto perform a function associated with product 32 is that unauthorizedindividuals might attempt to perform the function with a QR codeanalyzer 30 and, for instance, manual entry of secondary information. Asecurity module 48 reduces the risk of unauthorized access to a functionby adding security features to the access of barcode and secondaryinformation. In one example embodiment, a position locator 50 of mobiletelephone information handling system 10, such as a GPS receiver,determines the latitude and longitude position at the time an image istaken and communicates the position to a network location 52 using anetwork address provided by barcode information extracted from QR code12. A secondary information engine 54 running at network location 52,such as an application running on a server information handling system,receives the position information and compares the position informationwith expected position information of a secondary information database56 to authorize the function only with an authorized position. In analternative embodiment, position is provided by a domain determiner 58interfaced with WNIC 28 of mobile information handling system 10. Forinstance, position is indicated by an IP address or domain of a wirelesslocal area network interfaced with WNIC 28 that is sent to secondaryinformation engine 54 to confirm authorization for the functionassociated with the QR code 12 of product 32. In alternativeembodiments, security module 48 obtains access to a secured functionusing a variety of secondary information as security indicators as setforth herein in greater detail below.

Referring now to FIG. 2, a flow diagram depicts one example process forcapturing a two-dimensional barcode and secondary information to performa function. The process begins at step 60 by taking an image of a QRcode or other matrix barcode with a camera of an information handlingsystem, such as a smartphone. The image captures the QR code andsecondary information outside the boundary of the QR code, such as aserial number or shape of the product. At step 62, the image is analyzedto decode barcode information embedded in the QR code, such as a networkaddress. At step 64, the barcode information is applied to locatesecondary information outside of the QR code for use to perform afunction. For example, the barcode information can indicate a locationon the product where a serial number is located. Alternatively, thebarcode information can indicate which digits of a serial code should beused to access a function. In alternative embodiments, the barcodeinformation identifies information for an OCR application to analyze togenerate digitized information to input into fields of a webpage for aweb address embedded in the QR code, such as a MAC address to configurea WAP or a key to register software. At step 66, the image is analyzedas indicated by the barcode information to decode secondary informationoutside the barcode for application to perform a function. For instance,the OCR application reads characters proximate to but outside the QRcode boundary. Alternatively, a position locator determines a GPS ornetwork position of the product based upon the position of thesmartphone that captured the image. Once the secondary information isdetermined and stored in memory in a digital format, at step 68 thebarcode information and secondary information are applied to perform afunction, such as communicating with a network address or e-mail addressembedded in the QR code to send a serial number, key and/or MAC addressprinted as characters outside of the QR code.

Referring now to FIG. 3, a flow diagram depicts another example processfor capturing a two-dimensional barcode and secondary information toperform a function. The process begins at step 70 with the capture of animage of a QR code with an information handling system, such as by asmartphone camera. At step 72, a URL network address is decoded from theimage by analyzing the QR code with the information handling system. Atstep 74, the information handling system contacts the network locationassociated with the URL network address. At step 76, the informationhandling system obtains the location or type of secondary informationfrom the network location, such as the location of a MAC addressrelative to the QR code. In alternative embodiments, the location ortype of secondary information is provided by the network locationthrough a password accessed website, such as an account sign in or otherpassword protection in order to restrict unauthorized access toinformation relating to the QR code for the specific product asidentified by secondary information. At step 78, the informationhandling system analyzes the image of the QR code based upon inputs fromthe network location in order to determine the secondary information. Inthe example where the website is password protected, the secondaryinformation may be arranged in an order defined by the network locationto provide additional security. For example, selected characters fromthe serial number and MAC address in a selected order are appended tothe network address provided by the QR code to download a second networklocation specifically associated with the product. At step 80, thesecondary information and barcode information provided by the QR codeare applied to perform a function, such as configuration of a WAP orregistration of software. One advantage of inquiring with a networklocation using a network address from the QR code to determine thesecondary information is that changes in the type of the secondaryinformation may be retroactively adjusted after disposition of the QRcode at a location or on a product.

Referring now to FIG. 4, a mobile telephone 10 is depicted capturing atwo-dimensional barcode 12 and a security indicator 82 to access secureinformation stored in the two-dimensional barcode 12. For example, QRcode 12 is affixed to product 32 or a cardboard container that holdsproduct 32 and then shipped from a manufacture location to an end userlocation. In one example embodiment, QR code 12 has shipping informationembedded in it to aid shipping from a manufacturer location to an enduser location. In an alternative embodiment, QR code 12 has productinformation for presentation at a retail store and to aid inconfiguration of the product after purchase by an end user from theretail store for use at the end user location. One difficulty withpresenting information using a QR code in publicly accessible areas isthat unauthorized individuals might capture an image of the QR code andthen use the image at a later time to access the product. Securitymodule 48 helps to prevent unauthorized access by applying varioussecurity indicators to prevent unauthorized access to informationavailable through or embedded in QR code 12.

In the example embodiment depicted by FIG. 4, product 32 is a WAP havingQR code 12 that provides access to a network location 52 forconfiguration of the WAP. QR code 12 includes unencrypted information 84accessible to an end user with a QR code analyzer and also includesencrypted information 86 accessible to an end user with a key thatunencrypts the information, such as a key acquired from or with asecurity indicator 82. QR code 12 has a self-destruct feature 88 thatseparates into at least two parts to make the information unreadablewhen QR code is pulled apart at the self-destruct feature 88. Forexample, QR code 12 is affixed to a location of product 32 or acontainer of product 32 so that setting up product 32 results in tearingof QR code 12 along self-destruct feature. In this manner, theinformation embedded in QR code 12 is used only once. In an alternativeembodiment, a security service 90 running on network location 52 allowsone use of information from QR code 12 and then prevents subsequentaccess to the information, such as by disabling a network address of QRcode 12. Single access to information provided by QR code 12 allows aninitial configuration of the product without subsequent usage byunauthorized users.

In various embodiments, various degrees of security are desired toreduce the risk of unauthorized access to information through a publiclydisplayed QR code 12, such as a QR code 12 presented at a product 32. Insome instances, QR code 12 is encrypted to prevent access unless it isanalyzed by a reader that has a key input by an end user to decrypt theinformation. However, this type of encryption means that an end user hasto have the key in order to read information. In some instances, lesssecure encryption may present an obstacle to discourage unauthorizeduses while providing a less complex usage model for inexperienced endusers. For example, QR code 12 unencrypted information 84 provides anetwork address so that an unauthorized user who captures the QR codewill go to the network address and be discouraged from believing thatother information of interest is stored in the QR code. However, anauthorized user, such as the end user receiving product 32, can obtainencrypted information by including a security indicator 82. In oneembodiment, a local application on information handling system 10analyzes an image taken of QR code 12 to determine if a securityindicator 82 is included in the image as secondary information and thenapplies the secondary information to decrypt encrypted information 86.In an alternative embodiment, security indicator 82 is provided fromother resources of information handling system 10, such as a GPSreceiver, a telephone number, a domain name or IP address of informationhandling system 10 that is used as a key to decrypt encryptedinformation 86. In another alternative embodiment, security service 90of network location 52 responds to a request for a website bydetermining authorization of a security indicator associated with aninformation handling system and in response to authorization provides akey to decrypt encrypted information 86. For example, security service90 receives a GPS location, IP address, domain name or telephone numberfrom information handling system 10 along with a request to a networkaddress of unencrypted information 84 for a QR code 12 and provides akey to decrypt encrypted information 86 if GPS location, IP address,domain name or telephone number match that of an authorized user.Although this does not provide full-proof security, it does makeunauthorized use of information from publicly viewable QR code moredifficult.

In operation, an end user captures an image of QR code 12 with a cameraintegrated in information handling system 10 and analyzes the image todetermine unencrypted information 84 with conventional QR code analysis.A security module running on information handling system 10 analyzes theimage to determine encrypted information 86 based upon a preset securityindicator, a setting in QR code 12, an independent analysis of theimage, an end user input, instructions from security service 90 that aredownloaded through network 26, or other factors. In one embodiment,security indicator 82 is included in the image of QR code 12 assecondary information. For example, security indicator 82 is a biometricfactor, such as an image of an authorized end user's face orfingerprint, a handwritten code written proximate QR code 12 by the enduser, or an item removed from a box that contains product 32. In oneexample of biometric security indicators, biometric factors providedfrom an end user to the product manufacturer are used to encryptencrypted information 86 so that biometric logic of information handlingsystem 10 can apply the biometric factors to decrypt the information. Inone example of a handwritten code, the manufacturer encrypts informationin QR code 12 with a key and provides the key to the end user beforepurchase, at purchase or after purchase of product 32. The end userwrites the code instead of putting the code into the application runningon information handling system 10 so that a secondary informationanalyzer can determine the code and apply the code to decryptinformation of QR code 12. As an alternative, the end user openspackaging containing product 32 and removes a typewritten code from thepackaging to place next to QR code 12 exposed at the packaging so that asecondary information analyzer can analyze the code. In one example, thecode may be created by selecting predetermined characters alreadyprinted proximate to QR code 12, such as every other character of aserial number. In another alternative embodiment, QR code 12 is printedwith plural colors so that unencrypted information is read with onecolor, such as using a conventional QR code analyzer to read blacksquares as black and all other squares as white, and to read encryptedinformation 86 by selecting one or more colors to treat as blacksquares. As an alternative, a color filter is included in packaging ofproduct 32 so that colors presented by QR code 12 are filtered intosecondary colors that provide unencrypted information when read as blacksquares. In each example where secondary information of an image is usedas a security indicator, the end user can obtain the type and factors ofthe security indicator from local storage of information handling system10, by inputting selections at information handling system 10, with anapplication having preset security indicator, by contacting a networklocation 52 or in other manners.

In some instances, security indicator 82 is secondary information thatis not included in an image of QR code 12. In one example, informationhandling system 10 captures an image of QR code 12 and includes a GPSlatitude and longitude value with the image. The manufacturer uses thedelivery address of product 32 to determine a latitude and longitudevalue for encryption of encrypted information 86. Information handlingsystem 10 applies all or part of the GPS values to decrypt QR code 12upon delivery of product 32 to the correct address. In another exampleembodiment, the manufacturer of product 32 accepts an order for theproduct from a network location of the end user and applies the IPaddress or domain name of the end user to encrypt encrypted information86 or QR code 12. Upon delivery, information handling system 10 detectsthe IP address or domain name to which it is interfaced and applies allor part of the IP address or domain name to decrypt the encryptedinformation. In one alternative embodiment, the GPS values, IP address,and/or domain name are include as inputs to a network location 52provided by a network address of QR code 12. Information handling system10 opens the network location, such as with a web browser using thenetwork address extracted from QR code 12, and then inputs all or aselected portion of the GPS, IP address, domain name or otherinformation into the network location to obtain access to additionalinformation, such as configuration information located on the networkaddress or a key to read encrypted information within QR code 12.

Referring now to FIG. 5, a flow diagram depicts a process for securinginformation in a visible two-dimensional barcode for use by authorizedusers. The process starts at step 92 with capture of an image of a QRcode or other matrix barcode using a camera integrated in an informationhandling system. At step 94, the image is analyzed to decode informationstored in the QR code. At step 96, a determination is made of whetherthe QR code is associated with encrypted information, such as byencryption of information stored by the QR code or encryption ofinformation available through a network address of the QR code. If theQR code does not include encrypted information, the process continues tostep 98 to operate with the QR code information in a conventionalmanner, such as opening a web browser to an unencrypted network addressstored in the QR code. In one embodiment, if the QR code is analyzed bya conventional QR code reader without the ability to detect associatedencrypted information as described herein, the end user will open thenetwork location without an indication of encrypted information and thusnot have a reason to attempt to retrieve unauthorized information.

If at step 96 a determination is made that encrypted or otherwiserestricted information is associated with the QR code, the processcontinues to step 100 to determine whether a key input by the end useris needed to operate on information of the QR code, such as a key todecrypt configuration information or a network address embedded in theQR code. If so, the process continues to step 102 to accept input of thekey from an end user and then to step 98 to present the information atthe information handling system or otherwise perform a function with theQR code information. If at step 100 a determination is made that a keyinput is not needed by an end user, the process continues to step 104 todetermine if a secondary information key is needed to operate oninformation associated with the QR code, such as characters orbiometrics captured in the image or other information associated withthe image, like GPS, IP address, domain name, telephone number, etc. . .. If yes at step 104, the process continues to step 106 to determine thesecondary information and apply the secondary information to perform afunction with the information of the QR code at step 98. For example,the last four numbers of the telephone number of the mobile telephonethat captured the image are used to decrypt an encrypted portion of theQR code in order to obtain configuration information to set up a producton which the QR code is affixed. If no at step 104, the processcontinues to step 106 to determine if a network key is needed to operateon information associated with the QR code. For instance, communicationis initiated with a network location from a network address of the QRcode to determine if secondary information provided from the informationhandling system will provide access to a restricted network address. Ifso, the process continues to step 110 to automatically provide thesecondary information for access to restricted information, such as byproviding restricted information from the network location or providinga key from the network location to decrypt information of the QR code.If at step 108 a network key is not indicated, the process continues tostep 98 to present information or perform a function based uponunencrypted information provided from the QR code.

Referring now to FIG. 6, a flow diagram depicts a process for deliveryof a product having a two-dimensional barcode with information stored ina manner restricted to authorized users. At step 112, the product isshipped with a QR code attached, such as at the housing of the productor external packaging of the product. In one embodiment, the QR code isat least partially encrypted using secondary information that can becaptured by an information handling system with the QR code, such asinformation associated with an intended end user that is used as a keyfor the encryption, like a GPS location or telephone number. In anotherembodiment, the QR code has unencrypted information that provides accessto a network location based upon secondary information that can becaptured by an information handling system with the QR code, such as akey provided in the package. At step 114, an image is captured of the QRcode at the destination along with secondary information. At step 116,restricted information associated with the QR code is provided toperform a function at the information handling system, such as byapplying secondary information to decrypt configuration informationstored in the QR code or to access configuration information at anetwork location provided by the QR code. At step 118, the restrictedinformation is applied with the information handling system to performthe function, such as configuration of the product. At step 120, the QRcode is decommissioned after the function is completed to disablesubsequent use of the QR code.

Although the present invention has been described in detail, it shouldbe understood that various changes, substitutions and alterations can bemade hereto without departing from the spirit and scope of the inventionas defined by the appended claims.

What is claimed is:
 1. An information handling system comprising: aprocessor operable to process instructions; memory interfaced with theprocessor and operable to store the instructions; a camera interfacedwith the processor and memory, the camera operable to capture an imageand store the image in the memory; a two-dimensional barcode analyzerstored in the memory and operable to analyze the image to determinebarcode information of a two-dimensional barcode captured by the image;a security module stored in the memory and operable to determine asecurity indicator associated with the two-dimensional barcode forauthorization of use of the barcode information; a position locatorinterfaced with the security module and operable to determine a positionof the information handling system; and wherein the security moduleretrieves a position from the position locator and applies the positionto authorize use of the barcode information; and wherein the positionlocator comprises a GPS receiver operable to detect a latitude andlongitude information at capture of the image of the two-dimensionalbarcode and to apply at least part of the latitude and longitudeinformation to decrypt the barcode information.
 2. An informationhandling system comprising: a processor operable to processinstructions; memory interfaced with the processor and operable to storethe instructions; a camera interfaced with the processor and memory, thecamera operable to capture an image and store the image in the memory; atwo-dimensional barcode analyzer stored in the memory and operable toanalyze the image to determine barcode information of a two-dimensionalbarcode captured by the image; a security module stored in the memoryand operable to determine a security indicator associated with thetwo-dimensional barcode for authorization of use of the barcodeinformation; a position locator interfaced with the security module andoperable to determine a position of the information handling system; andwherein the security module retrieves a position from the positionlocator and applies the position to authorize use of the barcodeinformation; and wherein the position locator comprises a networkinterface operable to detect a local area network interfaced with theinformation handling system and to apply the local area network todecrypt the barcode information.